[dns-operations] a maximum of about 16K possible DNSSEC keytags?

Warren Kumari warren at kumari.net
Mon Nov 30 15:56:30 UTC 2015


Yeah, I'm actually doing:
------------
#!/bin/bash

# Generate 2000 2048-bit RSASHA256 KSKs, keeping only their key tags.
mkdir -p keys
for i in $(seq 1 2000); do
    dnssec-keygen -K keys -a RSASHA256 -b 2048 -f KSK -v 0 \
        -r /dev/urandom example.com > /dev/null 2>&1
done

# Key files are named like Kexample.com.+008+12345.key; field 3 holds the tag.
ls keys/*.key | awk -F '+' '{print $3}' | sed 's/\.key$//' >> keytags

rm keys/*

echo "There are "
wc -l keytags

----------

(I delete the keys after generating 2000 of them, because I didn't really
see a need for keeping them around. Perhaps that was a mistake.)
Anyway, it takes me ~10m to generate 2K keys. Currently I have generated
9209, and 7285 of them are unique.

W

On Mon, Nov 30, 2015 at 10:49 AM Roy Arends <roy at dnss.ec> wrote:

> On 30 Nov 2015, at 15:34, Warren Kumari wrote:
>
> > ... and, for the last hour or so I've been generating lots of keys
> > using
> > ISC BIND dnssec-keygen.
> >
> > Currently I'm up to:
> > wkumari at eric:~/tmp/tmp$ wc -l keytags
> > 5209 keytags
> > (and, boy, are my fingers tired...)
> >
> > How did you generate the keys? I've been doing:
> > dnssec-keygen -K keys -a RSASHA256 -b 2048 -f KSK -v \
> > 0 -r /dev/urandom example.com > /dev/null 2>&1
>
> while true; do /usr/local/sbin/dnssec-keygen -a rsasha256 -b 2048 -f KSK .; done
>
> to do an equivalent calculation with random numbers I use:
>
> while true; do jot -r 128 0 65535|awk '{s+=$1} END {print (s + int(s/65536))%65535}'>>test;done
>
> The former gets about 16K unique results, the latter 64K.
>
> Roy
>
>
> >
> > W
> >
> > On Mon, Nov 30, 2015 at 10:24 AM Roy Arends <roy at dnss.ec> wrote:
> >
> >> On 29 Nov 2015, at 23:20, Roy Arends wrote:
> >>
> >>> I am only able to generate about 16K unique keytags for a 2K RSASHA256
> >>> KSK (*), even after generating hundreds of thousands of keys in a loop.
> >>>
> >>> I expected the entire 16 bit keytag space used (i.e. 64K keytags), as
> >>> the keytag is simply the sum of the DNSKEY RDATA (as a series of two
> >>> byte values) with the high two bytes of the resulting 32 bit value
> >>> added to the low 2 bytes without carry.
> >>>
> >>> Since the RDATA contains 256 bytes of modulus (a result of multiplying
> >>> two randomly generated 128 byte primes), I thought it had a fair
> >>> amount of entropy so that the resulting key tags would be nicely
> >>> distributed.
> >>>
> >>> Apparently not.
> >>>
> >>> Anyone able (willing) to explain the math, please?
> >>
> >> Peter van Dijk generated a large set of DNSKEYs with the same algorithm,
> >> flags and exponent and was able to generate a lot more unique keytags.
> >> Peter is using PowerDNS 'pdnssec add-zone-key' which uses mbedTLS
> >> 2.1.0, while I was using dnssec-keygen and ldns-keygen which both
> >> used OpenSSL 0.9.8zg.
> >>
> >> It looks like the difference stems from the libraries involved. At
> >> least we can fingerprint the key generators behind the keys used :-)
> >>
> >> Not sure if I can find out more, or if this is important. Will keep
> >> looking though.
> >>
> >> Thanks
> >>
> >> Roy
> >> _______________________________________________
> >> dns-operations mailing list
> >> dns-operations at lists.dns-oarc.net
> >> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> >> dns-jobs mailing list
> >> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
>
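The key tag rule Roy restates above is RFC 4034 Appendix B: sum the RDATA as big-endian 16-bit words, fold the high half of the 32-bit sum into the low half once, and drop the carry. The block below is an added example for this thread, not code from any of the posts nor from BIND, ldns or PowerDNS. It implements that rule over wire-format DNSKEY RDATA (RFC 4034 section 2.1 plus the RFC 3110 RSA public-key encoding) and then runs the same null-model experiment as Roy's jot(1) pipeline, but with the RFC fold instead of his `% 65535`: the "moduli" are uniformly random bytes, not output of an RSA key generator, and the fixed fields (flags 257, protocol 3, algorithm 8, exponent 65537) are assumptions chosen to match a 2048-bit RSASHA256 KSK.

```python
"""RFC 4034 Appendix B key tags over constructed DNSKEY RDATA.

Added example for the dns-operations thread; not code from the posts or from
BIND, ldns or PowerDNS.  The 'moduli' generated here are random bytes (the
null model Roy's jot pipeline measures), not real RSA moduli.
"""
import random
import struct


def keytag(rdata: bytes) -> int:
    """Key tag exactly as in RFC 4034 Appendix B (algorithms other than 1).

    Even offsets are the high byte of a word, odd offsets the low byte; the
    high 16 bits of the accumulator are folded in once and the carry out of
    that fold is discarded by the final mask.
    """
    ac = 0
    for i, b in enumerate(rdata):
        ac += (b << 8) if i % 2 == 0 else b
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def keytag_fast(rdata: bytes) -> int:
    """Same result as keytag(), summing whole words with struct for speed."""
    n = len(rdata) // 2
    ac = sum(struct.unpack(f">{n}H", rdata[: 2 * n]))
    if len(rdata) % 2:          # a trailing odd byte is a high byte
        ac += rdata[-1] << 8
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def dnskey_rdata(flags: int, protocol: int, algorithm: int,
                 exponent: int, modulus: bytes) -> bytes:
    """Wire-format DNSKEY RDATA carrying an RFC 3110 RSA public key.

    Only the one-byte exponent-length form (exponent shorter than 256 bytes)
    is implemented; that covers the usual e = 65537.
    """
    e = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    if len(e) >= 256:
        raise ValueError("exponent too long for the one-byte length form")
    return struct.pack(">HBB", flags, protocol, algorithm) + bytes([len(e)]) + e + modulus


def unique_tags_for_random_moduli(samples: int, seed: int = 1,
                                  modulus_bytes: int = 256) -> int:
    """Distinct key tags over `samples` KSK-shaped RDATA with random 'moduli'.

    Constructed input (assumption): flags 257, protocol 3, algorithm 8,
    exponent 65537, and a modulus of uniformly random bytes.  This is the
    uniform null model, not what dnssec-keygen produces.
    """
    rng = random.Random(seed)
    seen = set()
    for _ in range(samples):
        modulus = rng.getrandbits(8 * modulus_bytes).to_bytes(modulus_bytes, "big")
        seen.add(keytag_fast(dnskey_rdata(257, 3, 8, 65537, modulus)))
    return len(seen)


def expected_unique(samples: int, space: int = 65536) -> float:
    """Expected distinct values when drawing `samples` times uniformly from `space`."""
    return space * (1 - (1 - 1 / space) ** samples)


if __name__ == "__main__":
    n = 100_000
    got = unique_tags_for_random_moduli(n)
    print(f"{n} random-modulus keys -> {got} unique key tags "
          f"(uniform model predicts about {expected_unique(n):.0f})")
```

With uniformly random modulus bytes the tag count tracks the birthday-style expectation for a 65536-value space, which is the baseline to compare a key generator's output against: feed the RDATA of real keys (the `.key` files, base64-decoded) through `keytag()` and compare the distinct count for the same number of keys. The fold is not quite a `mod 65535`: when the folded sum reaches 65535 or more the RFC result and `% 65535` differ by one, which is why the example keeps the RFC form rather than Roy's awk expression.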